Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa
File:                     e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa (raw, json)
Hash identifier:          kVDdzIRz0zZAIacHF2QhVEOfXvpCmIMyox9XnELMleA=
Subject key identifier:   73:4F:1E:B9:E9:42:76:25:CE:64:31:60:64:F9:E8:08:72:60:FF:98
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       776DD5159300A792E0A159BBC4D3FB542906BE0B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.48.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:6d:d5:15:93:00:a7:92:e0:a1:59:bb:c4:d3:fb:54:29:06:be:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=8f317a66abb24d75525f4deed2474a95701bb6ae007b52e1138bd80c8f537097, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ea:60:ee:15:de:76:4b:92:fa:ff:00:84:1a:
                    f6:bd:4b:60:22:63:bf:84:a0:98:24:7a:a7:28:5e:
                    09:7c:2b:03:4c:a3:e3:93:76:df:e9:ad:02:53:ea:
                    5e:30:4e:6a:a4:1e:24:d7:f2:90:41:30:aa:7d:52:
                    b1:f5:da:a8:77:78:1c:27:19:44:e4:f4:65:e7:2f:
                    12:53:af:b2:98:81:dd:e4:c8:87:21:52:43:d0:d9:
                    09:e4:f1:da:15:64:86:e4:d0:35:c1:b4:ca:84:4d:
                    7a:0e:8f:5d:02:66:a8:e2:d7:19:9c:ce:20:88:53:
                    b3:cc:c4:96:fc:32:ff:07:37:f1:82:c7:cf:73:87:
                    f2:f3:08:f9:4b:f1:35:c9:ca:34:c9:30:a3:4a:08:
                    80:39:51:81:0c:2e:f0:02:54:f2:62:6e:f6:84:05:
                    a9:c8:74:64:84:57:35:d2:d2:5f:07:20:71:d0:8e:
                    f7:44:80:76:05:df:04:8e:0d:92:d6:57:e8:2b:0b:
                    f6:36:d9:ef:86:97:2d:13:5e:5c:c3:8b:6d:0d:1e:
                    ea:d8:44:f9:ef:28:ed:53:98:54:be:db:f4:c2:a8:
                    f1:0e:63:a8:85:71:58:e2:14:1b:16:96:88:9e:a1:
                    6c:7e:fb:3b:b9:31:60:78:49:22:0c:bd:e6:25:02:
                    b5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:4F:1E:B9:E9:42:76:25:CE:64:31:60:64:F9:E8:08:72:60:FF:98
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:f4:30:b6:81:57:ba:a1:e2:a7:a6:ac:b1:89:19:49:04:e5:
         33:4c:18:be:2f:f0:7e:2f:1b:aa:1d:04:dc:4c:29:60:6c:33:
         c5:46:e6:21:74:46:dd:16:b5:f3:16:a7:27:62:28:25:05:d7:
         60:e0:16:04:1c:67:7c:8b:78:ca:78:20:58:0c:ba:36:e2:08:
         f1:b0:10:c9:86:1c:55:fd:57:bc:34:fb:4d:bc:b4:86:e9:8d:
         29:3b:e8:d5:e3:14:63:8d:b0:14:ba:67:c7:3a:8a:c8:ac:9c:
         11:e3:4f:53:30:48:f3:1b:aa:47:7c:ac:a2:f9:9a:be:46:84:
         9a:52:05:56:2c:3e:7d:92:c2:38:4b:91:ae:5b:5e:79:38:c1:
         13:66:f7:4a:f4:cf:9f:d5:82:3a:e6:d7:0c:65:72:35:c2:a8:
         1a:e8:91:3c:ad:4b:c7:ba:c4:4f:1f:75:f3:a9:5e:b5:7d:4e:
         b1:1b:8e:2a:9c:f0:59:79:5e:dc:50:4d:db:af:9b:50:b1:b4:
         f2:92:19:62:3c:db:78:ec:17:f4:84:87:3a:8b:1c:83:f2:bc:
         ad:5e:1e:ed:18:b4:d8:c1:3d:23:3e:c6:70:47:70:6b:37:d8:
         09:43:d4:ec:e8:1d:d6:cd:de:77:6a:ff:c0:6a:b3:f9:db:c9:
         f8:3a:b3:bb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd23VFZMAp5LgoVm7xNP7VCkGvgswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZjMxN2E2NmFiYjI0ZDc1NTI1ZjRkZWVkMjQ3NGE5NTcw
MWJiNmFlMDA3YjUyZTExMzhiZDgwYzhmNTM3MDk3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL6mDuFd52S5L6/wCEGva9S2AiY7+EoJgkeqcoXgl8KwNM
o+OTdt/prQJT6l4wTmqkHiTX8pBBMKp9UrH12qh3eBwnGUTk9GXnLxJTr7KYgd3k
yIchUkPQ2Qnk8doVZIbk0DXBtMqETXoOj10CZqji1xmcziCIU7PMxJb8Mv8HN/GC
x89zh/LzCPlL8TXJyjTJMKNKCIA5UYEMLvACVPJibvaEBanIdGSEVzXS0l8HIHHQ
jvdEgHYF3wSODZLWV+grC/Y22e+Gly0TXlzDi20NHurYRPnvKO1TmFS+2/TCqPEO
Y6iFcVjiFBsWloieoWx++zu5MWB4SSIMveYlArU/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUc08euelCdiXOZDFgZPnoCHJg/5gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UxY2M1NjNiLTNhZDgtNGMyZi05ZjBlLWRhZTVmZjg0MzQ5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0XzAwDQYJKoZIhvcNAQELBQADggEBAIb0MLaBV7qh4qemrLGJGUkE5TNM
GL4v8H4vG6odBNxMKWBsM8VG5iF0Rt0WtfMWpydiKCUF12DgFgQcZ3yLeMp4IFgM
ujbiCPGwEMmGHFX9V7w0+028tIbpjSk76NXjFGONsBS6Z8c6isisnBHjT1MwSPMb
qkd8rKL5mr5GhJpSBVYsPn2SwjhLka5bXnk4wRNm90r0z5/Vgjrm1wxlcjXCqBro
kTytS8e6xE8fdfOpXrV9TrEbjiqc8Fl5XtxQTduvm1CxtPKSGWI823jsF/SEhzqL
HIPyvK1eHu0YtNjBPSM+xnBHcGs32AlD1OzoHdbN3ndq/8Bqs/nbyfg6s7s=
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:36:02 2024 by rpki-client on console-ams.rpki-client.org